package com.zb.uniman.controller.UnuseController;

import com.baomidou.mybatisplus.core.toolkit.StringUtils;
import com.zb.uniman.common.ErrorCode;
import com.zb.uniman.common.ResultMap;
import com.zb.uniman.utils.JwtUtil;
import io.jsonwebtoken.Claims;
import org.springframework.web.bind.annotation.GetMapping;

import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

/**
 * Author:B
 * Description:      127.0.0.1:8080/token/login
 * Description:      127.0.0.1:8080/token/talk
 */
//@RestController
//@RequestMapping("/token")
public class tokencontroller {

    @GetMapping("/login")
    public ResultMap login(HttpServletRequest request, HttpServletResponse response) {
        String jwt = JwtUtil.createJWT("customer", System.currentTimeMillis());
        response.addHeader("token", jwt);
        return ResultMap.error(ErrorCode.success);
    }

    /*
    验证过期 ---ok
    jwt过期时间是自己设置的，跟管不管postman，浏览器没关系
     */
    @GetMapping("/talk")
    public ResultMap talkToken(HttpServletRequest request, HttpServletResponse response) throws Exception {
        String token = request.getHeader("token");
        if (token.isEmpty()) {
            return ResultMap.error(ErrorCode.hotError);
        }
        Claims claims = JwtUtil.parseJWT(token);
        String subject = claims.getSubject();

        if (StringUtils.equals(subject, "customer")) {
            return ResultMap.error(ErrorCode.success);
        }
        return ResultMap.error(ErrorCode.sadError);

    }
    /*
    jwt后台伪造 -------成功
eyJhbGciOiJIUzI1NiJ9.eyJqdGkiOiJjOWRkOGM2OTQ2NjQ0MWQ3YWJiMzlkOWY0MDdiOTc1ZiIsInN1YiI6ImN1c3RvbWVyIiwiaXNzIjoiSHNxIiwiaWF0IjoxNzAxNTA2MTEzLCJleHAiOjIwMTY4NjYxMTN9.tjUDax6MdzPMw3HCcdA4UTxT2Gd68vkfg4z80mh4Gtk
     */

}
